Lares Labs
  • Home
  • About
  • The Team
  • Pentesting 101
  • Social Engineering 101
  • GitHub
  • Contact Us
  • Lares.com
Raúl Redondo

Raúl Redondo

Kerberos IV - Delegations
penetrationtesting

Kerberos IV - Delegations

In the third part of this Kerberos series, we focused on leveraging user credential material for impersonation through techniques such as Pass-the-Key/Ticket/Cache/Certificate, and Shadow Credentials. Additionally, we explored how to manage and forge Kerberos tickets to facilitate lateral movement, privilege escalation, and establish persistence within the domain.
Sep 23, 2024 18 min read
Kerberos III - User Impersonation
penetrationtesting

Kerberos III - User Impersonation

The goal of this post, whether we are adversaries or defenders, is to help us understand the multiple ways that Kerberos offers to access resources using the credential material gathered.
May 21, 2024 18 min read
Kerberos II - Credential Access
penetrationtesting

Kerberos II - Credential Access

In this part of the series, we will focus on Credential Access and the attacks that Kerberos can facilitate.
Mar 26, 2024 11 min read
Kerberos I - Overview
penetrationtesting

Kerberos I - Overview

This post, is the first in the series and will aim to provide an overview of the protocol, from its beginnings to the different (ab)use techniques.
Mar 19, 2024 13 min read
The Phantom Menace: Exposing hidden risks through ACLs in Active Directory
redteam

The Phantom Menace: Exposing hidden risks through ACLs in Active Directory

The abuse of misconfigured Access Control Lists is nothing new. However, it is still one of the main ways of lateral movement and privilege escalation within an active directory domain.
Jun 19, 2023 12 min read
Page 1 of 1
Lares Labs © 2025
  • Twitter
  • GitHub
  • LinkedIn
Powered by Lares